On Wednesday 17 May 2006 10:56, Amy Griffis wrote: > The userspace programs shouldn't require syscall audit.
They don't right now, but this proposal would make it so. :) > But if the kernel was built without CONFIG_AUDIT, I think ignore would be > appropriate, and would also follow what the trusted programs are > currently doing. Yes, I just want to make sure we cover that scenario. Rather than use sys/fs (and add kernel code) you could simply do a call to audit_getstatus and check the state. errno has one of several well known values if syscall audit is not compiled in. -Steve -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
